Canonical and others close kernel holes

Canonical has released updated kernels for Ubuntu versions 10.04 LTS, 9.10, 9.04, 8.04 LTS and 6.06 LTS to close the recently discovered holes in the Linux kernel. The updates are also for the equivalent versions of Kubuntu, Edubuntu and Xubuntu and should be available through Ubuntu’s Software Update system.

The two holes were discovered by Ben Hawkes. In one, he found that on 64-bit systems the kernel did not correctly validate memory ranges when making 32-bit system calls which allocated memory. This flaw could allow a local attacker to gain root privileges (CVE-2010-3081). In the other he found that the registers on 64 bit kernels were not correctly filtered when performing 32-bit system calls on a 64-bit system (CVE-2010-3301). This could also allow local attackers to gain root privilege.